def test_is_forbidden(self): handler = MixinHandler() handler.is_open_to_public = True handler.forbid_public_http = True request = HTTPRequest('http://example.com/') handler.request = request context = Mock(address=('8.8.8.8', 8888), trusted_downstream=['127.0.0.1'], _orig_protocol='http') request.connection = Mock(context=context) self.assertTrue(handler.is_forbidden()) context = Mock(address=('8.8.8.8', 8888), trusted_downstream=[], _orig_protocol='http') request.connection = Mock(context=context) self.assertTrue(handler.is_forbidden()) context = Mock(address=('192.168.1.1', 8888), trusted_downstream=[], _orig_protocol='http') request.connection = Mock(context=context) self.assertIsNone(handler.is_forbidden()) context = Mock(address=('8.8.8.8', 8888), trusted_downstream=[], _orig_protocol='https') request.connection = Mock(context=context) self.assertIsNone(handler.is_forbidden())
def test_get_redirect_url(self): mhandler = MixinHandler() hostname = 'www.example.com' uri = '/' port = 443 self.assertEqual(mhandler.get_redirect_url(hostname, port, uri=uri), 'https://www.example.com/') port = 4433 self.assertEqual(mhandler.get_redirect_url(hostname, port, uri), 'https://www.example.com:4433/')
def test_is_forbidden(self): mhandler = MixinHandler() handler.redirecting = True options.fbidhttp = True context = Mock( address=('8.8.8.8', 8888), trusted_downstream=['127.0.0.1'], _orig_protocol='http' ) hostname = '4.4.4.4' self.assertTrue(mhandler.is_forbidden(context, hostname)) context = Mock( address=('8.8.8.8', 8888), trusted_downstream=[], _orig_protocol='http' ) hostname = 'www.google.com' self.assertEqual(mhandler.is_forbidden(context, hostname), False) context = Mock( address=('8.8.8.8', 8888), trusted_downstream=[], _orig_protocol='http' ) hostname = '4.4.4.4' self.assertTrue(mhandler.is_forbidden(context, hostname)) context = Mock( address=('192.168.1.1', 8888), trusted_downstream=[], _orig_protocol='http' ) hostname = 'www.google.com' self.assertIsNone(mhandler.is_forbidden(context, hostname)) options.fbidhttp = False self.assertIsNone(mhandler.is_forbidden(context, hostname)) hostname = '4.4.4.4' self.assertIsNone(mhandler.is_forbidden(context, hostname)) handler.redirecting = False self.assertIsNone(mhandler.is_forbidden(context, hostname)) context._orig_protocol = 'https' self.assertIsNone(mhandler.is_forbidden(context, hostname))
def test_is_forbidden(self): handler = MixinHandler() open_to_public['http'] = True open_to_public['https'] = True options.fbidhttp = True options.redirect = True context = Mock(address=('8.8.8.8', 8888), trusted_downstream=['127.0.0.1'], _orig_protocol='http') self.assertTrue(handler.is_forbidden(context, '')) context = Mock(address=('8.8.8.8', 8888), trusted_downstream=[], _orig_protocol='http') hostname = 'www.google.com' self.assertEqual(handler.is_forbidden(context, hostname), False) context = Mock(address=('192.168.1.1', 8888), trusted_downstream=[], _orig_protocol='http') self.assertIsNone(handler.is_forbidden(context, '')) context = Mock(address=('8.8.8.8', 8888), trusted_downstream=[], _orig_protocol='https') self.assertIsNone(handler.is_forbidden(context, '')) context = Mock(address=('8.8.8.8', 8888), trusted_downstream=[], _orig_protocol='http') hostname = '8.8.8.8' self.assertTrue(handler.is_forbidden(context, hostname))
def test_get_real_client_addr(self): x_forwarded_for = '1.1.1.1' x_forwarded_port = 1111 x_real_ip = '2.2.2.2' x_real_port = 2222 fake_port = 65535 mhandler = MixinHandler() mhandler.request = HTTPServerRequest(uri='/') mhandler.request.remote_ip = x_forwarded_for self.assertIsNone(mhandler.get_real_client_addr()) mhandler.request.headers.add('X-Forwarded-For', x_forwarded_for) self.assertEqual(mhandler.get_real_client_addr(), (x_forwarded_for, fake_port)) mhandler.request.headers.add('X-Forwarded-Port', fake_port + 1) self.assertEqual(mhandler.get_real_client_addr(), (x_forwarded_for, fake_port)) mhandler.request.headers['X-Forwarded-Port'] = x_forwarded_port self.assertEqual(mhandler.get_real_client_addr(), (x_forwarded_for, x_forwarded_port)) mhandler.request.remote_ip = x_real_ip mhandler.request.headers.add('X-Real-Ip', x_real_ip) self.assertEqual(mhandler.get_real_client_addr(), (x_real_ip, fake_port)) mhandler.request.headers.add('X-Real-Port', fake_port + 1) self.assertEqual(mhandler.get_real_client_addr(), (x_real_ip, fake_port)) mhandler.request.headers['X-Real-Port'] = x_real_port self.assertEqual(mhandler.get_real_client_addr(), (x_real_ip, x_real_port))
def test_get_real_client_addr(self): handler = MixinHandler() handler.request = HTTPServerRequest(uri='/') self.assertIsNone(handler.get_real_client_addr()) ip = '127.0.0.1' handler.request.headers.add('X-Real-Ip', ip) self.assertEqual(handler.get_real_client_addr(), False) handler.request.headers.add('X-Real-Port', '12345x') self.assertEqual(handler.get_real_client_addr(), False) handler.request.headers.update({'X-Real-Port': '12345'}) self.assertEqual(handler.get_real_client_addr(), (ip, 12345)) handler.request.headers.update({'X-Real-ip': None}) self.assertEqual(handler.get_real_client_addr(), False) handler.request.headers.update({'X-Real-Port': '12345x'}) self.assertEqual(handler.get_real_client_addr(), False)
def test_get_client_addr(self): mhandler = MixinHandler() client_addr = ('8.8.8.8', 8888) context_addr = ('127.0.0.1', 1234) options.xheaders = True mhandler.context = Mock(address=context_addr) mhandler.get_real_client_addr = lambda: None self.assertEqual(mhandler.get_client_addr(), context_addr) mhandler.context = Mock(address=context_addr) mhandler.get_real_client_addr = lambda: client_addr self.assertEqual(mhandler.get_client_addr(), client_addr) options.xheaders = False mhandler.context = Mock(address=context_addr) mhandler.get_real_client_addr = lambda: client_addr self.assertEqual(mhandler.get_client_addr(), context_addr)
def test_get_real_client_addr(self): x_forwarded_for = 'a.a.a.a, 1.1.1.1' x_forwarded_port = 1111 x_real_ip = '2.2.2.2' x_real_port = 2222 fake_port = 65535 mhandler = MixinHandler() mhandler.request = HTTPServerRequest(uri='/') mhandler.request.remote_ip = '4.4.4.4' self.assertIsNone(mhandler.get_real_client_addr()) mhandler.request.headers.add('X-Forwarded-For', x_forwarded_for) self.assertIsNone(mhandler.get_real_client_addr()) self.assertIsNone(mhandler.get_real_client_addr(True)) x_forwarded_for = '1.1.1.1, 4.4.4.4' lst = [i.strip() for i in x_forwarded_for.split(',')] x_forwarded_first, x_forwarded_last = lst[0], lst[-1] mhandler.request.headers['X-Forwarded-For'] = x_forwarded_for self.assertEqual(mhandler.get_real_client_addr(), (x_forwarded_last, fake_port)) self.assertEqual(mhandler.get_real_client_addr(True), (x_forwarded_first, fake_port)) mhandler.request.headers.add('X-Forwarded-Port', fake_port + 1) self.assertEqual(mhandler.get_real_client_addr(), (x_forwarded_last, fake_port)) self.assertEqual(mhandler.get_real_client_addr(True), (x_forwarded_first, fake_port)) mhandler.request.headers['X-Forwarded-Port'] = x_forwarded_port self.assertEqual(mhandler.get_real_client_addr(), (x_forwarded_last, x_forwarded_port)) self.assertEqual(mhandler.get_real_client_addr(True), (x_forwarded_first, x_forwarded_port)) mhandler.request.remote_ip = x_real_ip mhandler.request.headers.add('X-Real-Ip', x_real_ip) self.assertEqual(mhandler.get_real_client_addr(), (x_real_ip, fake_port)) mhandler.request.headers.add('X-Real-Port', fake_port + 1) self.assertEqual(mhandler.get_real_client_addr(), (x_real_ip, fake_port)) mhandler.request.headers['X-Real-Port'] = x_real_port self.assertEqual(mhandler.get_real_client_addr(), (x_real_ip, x_real_port))